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Listing of the Claims: 

1 . (Currently Amended) A system to provide application-to-application enterprise 
security, the system comprising: 

a security application program interface coupled to a client application op e rab le on 
a first operating system to provide a security credential; 

an authentication authority op e rab le to r e c eive receiving the security credential 
from the security application program interface, the authentication authority 
further op e rabl e to generates a token and communicates the token to the 
security application program interface where the security credential is valid A 
wherein the token contains user credentials encoded as a platform and 
application independent primitive data type ; 

a store maintaining data operable to va li dat e validating the security credential, the 
store in communication with the authentication authority to validate the 
security credential; 

an application program interface coupled to the client application, the application 
program interface op e rab le to communicat e communicating regarding the 
validity of the token; and 

a server application operabl e on a second operating system to receive the token 
from the application program interface, the server application operabl e to 
commun i cat e communicating with the authentication authority to validate 
the token to enable the client application to use services of the server 
application. 
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2. (Original) The system of Claim 1 , wherein the server application further comprises: 

an application program interface to communicate with the application program 

interface of the client application; and 
a security application program interface to communicate with the authentication 

authority. 

3. (Currently Amended) The system of Claim 1, wherein the server application is 
op e rab le to caches the token after validating the token with the authentication authority 
such that when the client application requests service of the server application, via the 
application program interfaces of the client application, the server application uses the 
cached token to validate the client application. 

4. (Original) The system of Claim 1 , wherein the token generated by the authentication 
authority comprises a string including at least a portion of the security credential. 

5. (Original) The system of Claim 4, wherein at least a portion of the token is in 
Extensible Markup Language format. 

6. (Original) The system of Claim 4, wherein at least a portion of the token is in 
Security Assertion Markup Language format. 
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7. (Original) The system of Claim 4, wherein the token includes information related to 
an expiration date of the token. 

8. (Original) The system of Claim 1, wherein validating the token by the authentication 
authority includes determining whether the authentication authority created the token. 
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9. (Currently Amended) A method for providing application-to-application enterprise 
security, the method comprising: 

communicating a security credential from a client application op e rab le on a first 

operating system to an authentication authority; 
communicating information related to the security credential between the 

authentication authority and a data store to determine whether the 

security credential is valid; 
generating a token by the authentication authority when the security credential 

is valid, wherein the token contains user credentials encoded as a 

platform and application independent primitive data type : 
communicating the token to the client application; 

providing, by the client application, the token to a server application, the server 
application op e rab l e on a second operating system; and 

validating, by the server application, the token before providing access to 
services of the server application by the client application. 

10. (Currently Amended) The method of Claim 9, wherein the server application is 
provided with a security application program interface coupled to the server application 
op erable for validating the token with the authentication authority. 

1 1 . (Currently Amended) The method of Claim 9, wherein the client application is 
provided with an application program interface coupled to the client application 
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op e rab le for communicating the token to an application program interface of the server 
application. 



12. (Original) The method of Claim 9, wherein validating the token by the server 
application further comprises: 

communicating information related to the token to the authentication authority; 
determining, by the authentication authority, whether the token is authentic; and 
receiving validation related information from the authentication authority. 

13. (Original) The method of Claim 12, wherein the information related to the token is 
the token. 

14. (Original) The method of Claim 12, wherein the information related to the token is a 
portion of data comprising the token. 

15. (Original) The method of Claim 12, wherein the authentication authority determines 
whether the authentication authority generated the token to validate the token. 

16. (Original) The method of Claim 15, wherein the authentication authority determines 
whether the token has expired. 
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17. (Original) The method of Claim 12, wherein the authentication authority determines 
whether the token has expired. 



18. (Original) The method of Claim 9, wherein the token includes a portion of the 
security credential in a string format. 

19. (Original) The method of Ciaim 18, wherein the token includes at least an 
information related to an expiration date of the token. 

20. (Original) The method of Claim 18, wherein the token is encrypted. 

21. (Original) The method of Claim 18, wherein the string format of the token is further 
defined as an Extensible Markup Language format. 

22. (Original) The method of Claim 18, wherein the string format of the token is further 
defined as Security Assertion Markup Language format. 

23. (Original) The method of Claim 9, wherein the client further includes an application 
program interface coupled to the client application for communicating with the server 
application and wherein the client application further includes a security application 
program interface coupled to the client application to communicate with the 
authentication authority. 
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24. (Original) The method of Claim 9, wherein the security credential is further defined 
as including a password and user identification. 

25. (Original) The method of Claim 24, wherein the security credential is further defined 
as encrypted and the data store is further defined as a data store maintaining user 
identifications and passwords. 

26. (Original) The method of Claim 9, wherein the security credential is an X.509 
certificate and the data store is a certificate authority. 

27. (Original) The method of Claim 26, further comprising: 

communicating the X.509 certificate from the authentication authority to the 

certificate authority; 
validating the X.509 certificate by the certificate authority; and 
communicating validation information to the authentication authority. 
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28. (Currently Amended) A system to provide application-to-application enterprise 
security, the system comprising: 

a first security application program interface coupled to a first application to provide 
a first security credential; 

a second security application program interface coupled to a second application 
to provide a second security credential; 

an authentication authority op e rab le to rece i v e receiving the first and second 
security credentials from the first and second security application program 
interfaces, the authentication authority further op e rab le to g e n e rat e 
generating tokens and commun i c a t e communicating the tokens to the first 
and second security application program interfaces where the first and 
second security credentials are valid, wherein the token contains user 
credentials encoded as a platform and application independent primitive 
data type ; 

a store maintaining data operabl e to validate validating the first and second 
security credentials, the store in communication with the authentication 
authority to validate the first and second security credentials; 

a first application program interface coupled to the first client application, the first 
application program interface op e rab le to communicat e communicating 
regarding tokens; and 

a second application program interface coupled to the second client application 
and op e ra ble to r e c ei v e receiving the token from the first application 
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program interface, the second security application program interface 
op e rab le to communicat e communicating with the authentication authority 
to validate the token to enable the first application to use services of the 
second application and wherein the fifst-second application program is 
op e rab le to r e c ei v e receives the token from the second application 
program interface, the first security application program interface op e rab le 
to commun i cat e communicating with the authentication authority to 
validate the token to enable the second application to use services of the 
first application. 

29. (Original) The system of Claim 28, wherein the tokens generated by the 
authentication authority are further defined as a first token generated by the 
authentication authority for the first application based on the first security credential and 
a second token generated by the authentication authority for the second application 
based on the second security credential. 

30. (Original) The system of Claim 29, wherein the first and second tokens are further 
defined as data provided in a string format including at least portions of the first and 
second security credentials, respectively. 

31. (Original) The system of Claim 30, wherein the first the second tokens include an 
expiration date. 
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32. (Original) The system of Claim 30, wherein the string format of the first and second 
tokens is further defined as Extensible Markup Language Format. 

33. (Original) The system of Claim 30, wherein the string format of the first and second 
tokens is further defined as Security Assertion Markup Language Format. 
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